HTTPBuilder APIs for Groovy which is a wrapper for Apache's HTTPClient allows to make HTTP/HTTPS requests from JVM. Making HTTP requests are pretty straight forward. However, HTTPS requests to local server running a self-signed SSL certificate involves a bit of work.

HTTPBuilder APIs are available to grails as a plugin, called rest. To install the plugin go to the grails project directory and run

grails install-plugin rest

1. Run the grails application with HTTPS.

2. Access the home page over HTTPS which will display a security warning. If you are using Firefox, choose 'View' in the 'Add Security Exception' dialog to view the SSL certificate. From the details tab, choose 'Export' and save as X.509 Certificate (PEM) with file name, say 'localhost' which will be saved as 'localhost.crt'.

3. Now we have to import the certificate to the Java keystore. From terminal (cmd), navigate to the location where the certificate is saved and type the following command:

keytool -importcert -alias "" -file localhost.crt -keystore truststore.jks -storepass password1234

4. Copy the truststore.jks file created in step 3 to grails-app/conf folder.

5. RestConnector is a simple example which can be used for HTTP request. We will modify the class to support HTTPS requests.

// RestConnector.groovy
import grails.converters.JSON
import org.apache.http.impl.client.DefaultRedirectStrategy
import org.apache.http.impl.cookie.BasicClientCookie
import org.apache.http.conn.scheme.Scheme
import org.apache.http.conn.ssl.SSLSocketFactory
import org.apache.http.HttpRequest
import org.apache.http.HttpResponse
import org.apache.http.protocol.HttpContext
import javax.servlet.http.HttpServletResponse
import javax.servlet.http.Cookie
class RestConnector {
    private String baseUrl
    private HTTPBuilder httpBuilder
    private List<string> cookies
    private KeyStore keyStore
    RestConnector(String url) {
        this.baseUrl = url
        this.httpBuilder = initializeHttpBuilder()
        this.cookies = []
    public def request(Method method, ContentType contentType, String url, Map<String, Serializable> params) {
        debug("Send $method request to ${this.baseUrl}$url: $params")
        // import the key from the keystore if not done already
        if (keyStore == null) {
            keyStore = KeyStore.getInstance(KeyStore.defaultType)
            getClass().getResource( "/truststore.jks").withInputStream {
                keyStore.load(it, "password1234".toCharArray())
        SSLSocketFactory sf = new SSLSocketFactory(keyStore)
        httpBuilder.client.connectionManager.schemeRegistry.register(new Scheme("https", sf, 443))
        httpBuilder.request(method, contentType) { request ->
            uri.path = url
            // uri.query = params
            headers['Cookie'] = cookies.join(';')
            requestContentType = ContentType.URLENC
            // sample params
            body = ['username': "${params.username}", 'password': "${params.password}", 'otherParams': "${params.otherExampleParams}"]
            headers.'Connection' = params['Connection']
            headers.'Cookie' = params['Cookie']
            println("::Cookie: -> " + params['Cookie'])
            headers.'Host' = params['Host']
            headers.'X-Requested-With' = params['X-Requested-With']
            headers.'Origin' = params['Origin']
    private HTTPBuilder initializeHttpBuilder() {
        def httpBuilder = new HTTPBuilder(baseUrl)
        httpBuilder.handler.success = { HttpResponseDecorator resp, reader ->
            resp.getHeaders('Set-Cookie').each {
                // [Set-Cookie: JSESSIONID=E68D4799D4D6282F0348FDB7E8B88AE9; Path=/frontoffice/; HttpOnly]
                String cookie = it.value.split(';')[0]
                debug("Adding cookie to collection: $cookie")
            if (resp.status == 302) {
                println('302 detected')
                return ['status': 'redirect', 'response': resp]
            debug("Resp: ${resp}")
            debug("Reader: ${reader}")
            return ['status': 'ok', 'result': reader]
        // Enable to follow redirect requests
        /*httpBuilder.client.setRedirectStrategy(new DefaultRedirectStrategy() {
            boolean isRedirected(HttpRequest request, HttpResponse response, HttpContext context) {
                def redirected = super.isRedirected(request, response, context)
                return redirected || response.getStatusLine().getStatusCode() == 302
        return httpBuilder
    private debug(String message) {
        System.out.println(message) // for Gradle

6. Using the above class in a grails controller:

// ExampleController.groovy
// ..imports
class ExampleController {
    def index() {
        String serverName = request.getServerName()
        String serverUrl = "https://${serverName}"
        RestConnector restConnector = new RestConnector(serverUrl)  // some https url here
        def result = restConnector.request(Method.POST, ContentType.JSON, "${serverUrl}", ['username': "${username}", 'password': "${password}", 'otherParam': "${otherParam}"])
        if (result.status == "redirect") {
            def resp = result.response
            def heads = resp.getHeaders()
            redirect(uri: 'redirect-uri-here')
        } else if (result.status == "ok") {
            render (result.result as JSON)